You shouldn't have to repeat the whole order - just performing the download operation again should be sufficient.
The closest thing I can think of is that Let's Encrypt changed CDN providers to Cloudflare in September 2019. There were a couple of teething issues but nothing as drastic as this that I know of.
I'm surprised that some kind of network-based truncation is happening without any error being raised at all.
Maybe you can instrument acme-client's use of faraday (its HTTP client) to print the raw response body and headers like content-length, to try and narrow down where the truncation is happening.